updated 06:40 pm EDT, Sun August 24, 2014
Several companies confirm attacks as service returns, hacking group claims responsibility
Some of the most popular gaming services are reportedly under attack as a series of distributed denial of service attacks (DDoS) has been underway since last week. Shacknews reports that Blizzard, Grinding Gear Games, PlayStation Network, Riot and Sony Online Entertainment have all been undergoing a series of attacks leading to connection instabilities and service failures. While the attack was initially thought to be limited to a few companies, it's been discovered that several additional gaming services and websites have been targeted as far back as August 18 by a hacking group.
Attacks on the PlayStation Network and Sony Online Entertainment (SOE) servers appear to have started early Sunday morning. The PlayStation Blog and Twitter account confirmed that the company was having issues with "artificially high traffic." SOE President John Smedley stated that the high traffic was a result of a DDoS attack that was happening upstream of the SOE servers. The post on the PlayStation Blog indicates that "no personal information has been accessed." The theft of personal information is a concern for Sony, as it witnessed a large scale breach in 2011.
A number of Blizzard's games are affected as Battle.net servers were targeted late Saturday night. The system is central to online play for World of Warcraft, Diablo 3, Hearthstone and Heroes of the Storm. Blizzard indicates that the service has been restored, but didn't mention until earlier today that Battle.net witnessed DDoS attacks.
Several other games have been affected as well, with some of the largest player populations in games being involved. Riot confirms on the message boards that the recent instability of League of Legends is tied to DDoS attacks. EVE Online also took to their message boards to inform its players that it has seen DDoS attacks recently involving the Tranquility server. Grinding Gear Games also admitted to being the victim of attack for Path of Exile. Jagex says that RuneScape has been "targeted by attacks," but doesn't indicate what kind.
Games hosted by NCSoft have also been undergoing connection issues that don't appear to be tied to sever maintenance on August 20. Carbine Studio's Wildstar and ArenaNet's Guild Wars 2 have been dealing with connection issues for at least two days, with a tweet from the Wildstar's operations team saying that the issue is at NCSoft's data center. Aaon and Lineage II also report similar problems.
A hacking group called Lizard Squad has taken responsibility for the attacks, some of which date back as far as August 18, according to their Twitter feed. Their tweets line up to attacks on all of the aforementioned games and services, but no other evidence has been presented to link them. It's unclear the exact vector of DDoS attack, but it appears to be a large and repeated enough that the companies involved are having trouble blocking the efforts.
Outside of numerous gaming services, the group has also claimed to have brought down the National Security Agency's mail server and a few websites. The hacking group has also targeted users on Twitch, claiming to take games down based on the actions of streamers.
To escalate matters, the group also appears to be tied to a threat that caused SOE President John Smedley's flight to be diverted. The group tweeted American Airlines in a nefarious manner that called attention to the flight from Dallas-Fort Worth to San Diego. Flight 362 was later diverted to Phoenix for "security reasons." According to the Arizona Republic, the plane had 179 passengers and six employees. Smedley later reported "all is well," and that "justice will find these guys."